Modificare il file:
\iwgallery\admin\inc_login.asp
<!--#include virtual="/iwgallery/Connections/connIWGallery.asp" --> <% ' *** Validate request to log in to this site. MM_LoginAction = Request.ServerVariables("URL") If Request.QueryString<>"" Then MM_LoginAction = MM_LoginAction + "?" + Server.HTMLEncode(Request.QueryString) MM_valUsername=CStr(Request.Form("NAME")) If MM_valUsername <> "" Then MM_fldUserAuthorization="USE_ACCESS" MM_redirectLoginSuccess="home.asp" MM_redirectLoginFailed="logout.asp?reason=Accesso%20negato" MM_flag="ADODB.Recordset" set MM_rsUser = Server.CreateObject(MM_flag) MM_rsUser.ActiveConnection = MM_connIWGallery_STRING MM_rsUser.Source = "SELECT USE_ID, USE_NAME, USE_PASSWORD" If MM_fldUserAuthorization <> "" Then MM_rsUser.Source = MM_rsUser.Source & "," & MM_fldUserAuthorization MM_rsUser.Source = MM_rsUser.Source & " FROM USERS WHERE USE_NAME='" & Replace(MM_valUsername,"'","''") &"' AND USE_PASSWORD='" & Replace(Request.Form("PASSWORD"),"'","''") & "'" MM_rsUser.CursorType = 0 MM_rsUser.CursorLocation = 2 MM_rsUser.LockType = 3 MM_rsUser.Open If Not MM_rsUser.EOF Or Not MM_rsUser.BOF Then set cmdHits = Server.CreateObject("ADODB.Command") cmdHits.ActiveConnection = MM_connIWGallery_STRING cmdHits.CommandText = "UPDATE USERS SET USE_HITS = USE_HITS + 1 WHERE USE_ID = " & MM_rsUser("USE_ID") & " AND USE_NAME = '" & MM_rsUser("USE_NAME") & "'" cmdHits.CommandType = 1 cmdHits.CommandTimeout = 0 cmdHits.Prepared = true cmdHits.Execute() ' username and password match - this is a valid user Session("MM_Username") = MM_valUsername Response.Cookies("IWGalleryUserName") = MM_valUsername Response.Cookies("IWGalleryUserID") = MM_rsUser("USE_ID") If (MM_fldUserAuthorization <> "") Then Session("MM_UserAuthorization") = CStr(MM_rsUser.Fields.Item(MM_fldUserAuthorization).Value) ResponSe.Cookies("IWGalleryAccess") = CStr(MM_rsUser.Fields.Item(MM_fldUserAuthorization).Value) Else Session("MM_UserAuthorization") = "" End If if CStr(Request.QueryString("accessdenied")) <> "" And false Then MM_redirectLoginSuccess = Request.QueryString("accessdenied") End If MM_rsUser.Close Response.Redirect(MM_redirectLoginSuccess) End If MM_rsUser.Close Response.Redirect(MM_redirectLoginFailed) End If %> <form ACTION="<%=MM_LoginAction%>" method="POST" name="form1"> <table border="0" cellpadding="0" cellspacing="0" class="box"> <tr> <td align="left" valign="top" class="box-header"><table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td width="1" align="left" class="box-header"><img src="../themes/<%= strTheme %>/box-header-left.jpg"></td> <td width="100%" class="box-header"><%= strPageTitle %></td> <td width="1" align="right" class="box-header"><img src="../themes/<%= strTheme %>/box-header-right.jpg"></td> </tr> </table></td> </tr> <tr> <td align="left" valign="top" class="box-main"><table width="100%" border="0" cellpadding="0" cellspacing="1" class="content"> <tr> <td> </td> <td><span class="evidence"><%= Request.QueryString("reason") %><%= Request.QueryString("result") %></span></td> </tr> <tr> <td align="right" valign="baseline">*Login:</td> <td><input name="NAME" type="text" id="NAME" size="32"></td> </tr> <tr> <td align="right" valign="baseline">*Password:</td> <td><input name="PASSWORD" type="password" id="PASSWORD" size="32"></td> </tr> <tr> <td align="right" valign="baseline"> </td> <td><input name="Submit" class="button" type="submit" value="Login"></td> </tr> </table> <table width="100%" border="0" cellspacing="1" cellpadding="0" class="menu"> <tr> <td width="1%"><img src="../themes/<%= strTheme %>/menu-item.jpg" border="0"></td> <td><a href="../admin/password.asp">Recupera Password</a> </td> </tr> </table> <br /></td> </tr> <tr> <td align="left" valign="top"><table width="100%" border="0" cellspacing="0" cellpadding="0"> <tr> <td width="1" align="left" class="box-bottom"><img src="../themes/<%= strTheme %>/box-bottom-left.jpg"></td> <td width="100%" class="box-bottom"><img src="../images/shim.gif" width="1" height="1"></td> <td width="1" align="right" class="box-bottom"><img src="../themes/<%= strTheme %>/box-bottom-right.jpg"></td> </tr> </table></td> </tr> </table> </form>
[
Íàçàä
]